mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-30 18:17:55 +00:00
7089487509
* WIP: output policy
* Outputs example policy HCL for given request
* Simplify conditional
* Add PATCH capability
* Use OpenAPI spec and regex patterns to determine if path is sudo
* Add test for isSudoPath
* Add changelog
* Fix broken CLI tests
* Add output-policy to client cloning code
* Smaller fixes from PR comments
* Clone client instead of saving and restoring custom values
* Fix test
* Address comments
* Don't unset output-policy flag on KV requests otherwise the preflight request will fail and not populate LastOutputPolicyError
* Print errors saved in buffer from preflight KV requests
* Unescape characters in request URL
* Rename methods and properties to improve readability
* Put KV-specificness at front of KV-specific error
* Simplify logic by doing more direct returns of strings and errors
* Use precompiled regexes and move OpenAPI call to tests
* Remove commented out code
* Remove legacy MFA paths
* Remove unnecessary use of client
* Move sudo paths map to plugin helper
* Remove unused error return
* Add explanatory comment
* Remove need to pass in address
* Make {name} regex less greedy
* Use method and path instead of info from retryablerequest
* Add test for IsSudoPaths, use more idiomatic naming
* Use precompiled regexes and move OpenAPI call to tests (#15170)
* Use precompiled regexes and move OpenAPI call to tests
* Remove commented out code
* Remove legacy MFA paths
* Remove unnecessary use of client
* Move sudo paths map to plugin helper
* Remove unused error return
* Add explanatory comment
* Remove need to pass in address
* Make {name} regex less greedy
* Use method and path instead of info from retryablerequest
* Add test for IsSudoPaths, use more idiomatic naming
* Make stderr writing more obvious, fix nil pointer deref
57 lines
915 B
Go
57 lines
915 B
Go
package api
|
|
|
|
import "testing"
|
|
|
|
func TestIsSudoPath(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
testCases := []struct {
|
|
path string
|
|
expected bool
|
|
}{
|
|
{
|
|
"/not/in/sudo/paths/list",
|
|
false,
|
|
},
|
|
{
|
|
"/sys/raw/single-node-path",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/raw/multiple/nodes/path",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/raw/WEIRD(but_still_valid!)p4Th?🗿笑",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/auth/path/in/middle/tune",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/plugins/catalog/some-type",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/plugins/catalog/some/type/or/name/with/slashes",
|
|
false,
|
|
},
|
|
{
|
|
"/sys/plugins/catalog/some-type/some-name",
|
|
true,
|
|
},
|
|
{
|
|
"/sys/plugins/catalog/some-type/some/name/with/slashes",
|
|
false,
|
|
},
|
|
}
|
|
|
|
for _, tc := range testCases {
|
|
result := IsSudoPath(tc.path)
|
|
if result != tc.expected {
|
|
t.Fatalf("expected api.IsSudoPath to return %v for path %s but it returned %v", tc.expected, tc.path, result)
|
|
}
|
|
}
|
|
}
|